ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type, as demonstrated by an imagecrop function call with a string for the x dimension value, a different vulnerability than CVE-2013-7226.
Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
---|---|---|---|---|---|
NETWORK | LOW | NONE | PARTIAL | NONE | NONE |
jasig phpCAS 0.4.8
jasig phpCAS 0.4.19
jasig phpCAS 0.4.9
jasig phpCAS 0.4.18
Php Php 5.5.8 (not an official CPE)
jasig phpCAS 0.4.21
Php Php 5.5.6 (not an official CPE)
jasig phpCAS 0.4.20
Php Php 5.5.7 (not an official CPE)
jasig phpCAS 1.0.0
Php Php 5.5.4 (not an official CPE)
jasig phpCAS 0.5.0
Php Php 5.5.5 (not an official CPE)
jasig phpCAS 0.4.17
Php Php 5.5.2 (not an official CPE)
jasig phpCAS 0.4.23
jasig phpCAS 0.4.22
Php Php 5.5.3 (not an official CPE)
jasig phpCAS 0.6.0
jasig phpCAS 0.5.1
Advisory | Patch | Confirmed | Link |
---|---|---|---|
| | | https://bugs.php.net/bug.php?id=66356 |
| | | https://github.com/php/php-src/commit/2938329ce19cb8c419... |
| | | USN-2126-1 |